Back to skill

Security audit

EO Workflow: Paper

Security checks across malware telemetry and agentic risk

Overview

This is a text-only academic writing workflow with no install code or system access, but users should supervise citations, originality, and any optional memory features.

Safe to install as a drafting aid, but do not treat it as an autonomous research or publication system. Verify all sources and citations, follow your institution or journal rules on AI-assisted writing, and only enable separate EO memory/RAG integrations for research context you are comfortable storing or reusing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
84% confidence
Finding
The skill can be invoked by very broad academic-writing requests, which increases the chance of accidental or inappropriate activation for generic user prompts. In an agent ecosystem, this can cause the wrong workflow to take over, leading to unintended task execution, misleading claims about literature filtering, or overconfident paper-generation behavior without explicit user consent.

VirusTotal

60/60 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.